Use Alibaba Cloud SDK for Python to create a trail

Step 1: Create and configure a Log Service project and a Logstore

Before you create a trail, you must create a Log Service project and a Logstore named in the format of actiontrail_{TrailName}. TrailName specifies the name of the trail that you want to create.

In addition, if you need to analyze event logs, you must configure indexes and a log dashboard for the Logstore. You can use Log Service SDK for Python to create and configure a Log Service project and a Logstore. For more information about the SDK, visit aliyun-log-python-sdk.

1. Create a Python file in Visual Studio Code.
2. Install dependencies and initialize the SDK.
   1. Install dependencies.

      $ pip install -U aliyun-log-python-sdk

   2. Initialize the SDK.

      from aliyun.log import LogClient
      
      # The China (Hangzhou) region.
      region = 'cn-hangzhou'
      
      # The Log Service endpoint.
      endpoint = '{region}.log.aliyuncs.com'.format(region=region)
      # The AccessKey ID that you use to access Log Service.
      access_key_id = 'ABCDEFGHIJK****'
      # The AccessKey secret that you use to access Log Service.
      access_key_secret = 'OPQRSTUV****'
      # The ID of the Alibaba Cloud account.
      account_id = '123456789'
      
      client = LogClient(endpoint, access_key_id, access_key_secret)

      Note Specify the region, AccessKey ID, AccessKey secret, and ID of the Alibaba Cloud account based on the actual business requirements.
3. Create a Log Service project and a Logstore.

   # The name of the trail.
   trail_name = 'cloud_trail'
   
   # The name of the Log Service project.
   log_project_name = 'cloud-trail-project'
   
   # Create a Log Service project.
   res = client.create_project(log_project_name, 'The Log Service project that receives event logs from ActionTrail')
   res.log_print()
   
   # The name of the Logstore.
   log_store_name = 'actiontrail_{trail_name}'.format(trail_name=trail_name)
   # Create a Logstore.
   res = client.create_logstore(log_project_name, log_store_name, shard_count=3, preserve_storage=True)
   res.log_print()

   Note Specify the names of the trail, Log Service project, and Logstore based on the actual business requirements. When you create a Logstore, set the preserve_storage parameter to True. This indicates that event logs are permanently stored in the Logstore.
4. Configure indexes.
   1. Create an index configuration file named log_index.json.
      Visit actiontrail-create-trail and download the index configuration file.
   2. Create indexes.

      import json
      from aliyun.log import LogClient
      from aliyun.log import IndexConfig
      
      def get_json_data(path):
          with open(path) as f:
              return json.load(f)
            
      # Read the index configuration from the log_index.json file.
      index_json = get_json_data('./log_index.json')
      index_detail = IndexConfig()
      index_detail.from_json(index_json)
      # Create indexes.
      client.create_index(log_project_name, log_store_name, index_detail)

5. Create a log dashboard.
   1. Create a log dashboard configuration file named log_dashboard.json.
      Visit actiontrail-create-trail and download the dashboard configuration file.
   2. Create a log dashboard.

      # Read the log dashboard configuration from the log_dashboard.json file.
      dashboard_detail = get_json_data('./log_dashboard.json')
      # Create a log dashboard. 
      client.create_dashboard(log_project_name, dashboard_detail)

Step 2: Create and enable a trail

You can use Alibaba Cloud SDK for Python to create a trail. For more information about the SDK, visit aliyun-python-sdk-core.

1. Initialize the SDK.
   1. Install dependencies.

      $ pip install aliyun-python-sdk-core
      $ pip install aliyun-python-sdk-actiontrail

   2. Initialize the SDK.

      from aliyunsdkcore.client import AcsClient
      from aliyunsdkcore.acs_exception.exceptions import ClientException
      from aliyunsdkcore.acs_exception.exceptions import ServerException
      from aliyunsdkactiontrail.request.v20171204.CreateTrailRequest import CreateTrailRequest
      
      client = AcsClient(access_key_id, access_key_secret, region)

2. Create a trail to deliver event logs to the Log Service project that you create.
   Use the SDK to call the CreateTrail operation to create a trail. For more information, see CreateTrail.

   sls_project_arn = 'acs:log:{region}:{account_id}:project/{log_project_name}'.format(
       region=region,
       account_id=account_id,
       log_project_name=log_project_name,
   )
   
   request = CreateTrailRequest()
   request.set_accept_format('json')
   
   # Specify a trail name.
   request.set_Name(trail_name)
   # Specify the Alibaba Cloud Resource Name (ARN) of the Log Service project.
   request.set_SlsProjectArn(sls_project_arn)
   # Track all types of events.
   request.set_EventRW("All")
   # Track the events in all regions.
   request.set_TrailRegion("All")
   
   response = client.do_action_with_exception(request)
   print(str(response, encoding='utf-8'))

   Note After you create a trail, the trail enters the Fresh state. This indicates that the trail is created but not enabled. You must manually enable the trail.
3. Enable the trail.
   Use the SDK to call the StartLogging operation to enable the trail. For more information, see StartLogging.

   from aliyunsdkactiontrail.request.v20171204.StartLoggingRequest import StartLoggingRequest
   
   request = StartLoggingRequest()
   request.set_accept_format('json')
   
   request.set_Name(trail_name)
   
   response = client.do_action_with_exception(request)
   print(str(response, encoding='utf-8'))